Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/26855d-1990-4d80-9c82-1563f93a540d/1/8X3cZ5pdyedXD_h2aOkWL34iYVU.roa
File:                     8X3cZ5pdyedXD_h2aOkWL34iYVU.roa (raw, json)
Hash identifier:          hSk9xkbqwcWlC83HAxcpypLM1l5C+78aQ1FLfUCZJ4I=
Subject key identifier:   F1:7D:DC:67:9A:5D:C9:E7:57:0F:F8:76:68:E9:16:2F:7E:22:61:55
Certificate issuer:       /CN=90079b3e8df09970c1414482be5b2268729475ff
Certificate serial:       0134F3
Authority key identifier: 90:07:9B:3E:8D:F0:99:70:C1:41:44:82:BE:5B:22:68:72:94:75:FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kAebPo3wmXDBQUSCvlsiaHKUdf8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/26855d-1990-4d80-9c82-1563f93a540d/1/8X3cZ5pdyedXD_h2aOkWL34iYVU.roa
Signing time:             Sun 02 Jan 2022 18:24:58 +0000
ROA not before:           Sun 02 Jan 2022 18:24:58 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50340
IP address blocks:        195.88.220.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 79091 (0x134f3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=90079b3e8df09970c1414482be5b2268729475ff
        Validity
            Not Before: Jan  2 18:24:58 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=f17ddc679a5dc9e7570ff87668e9162f7e226155
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:16:04:46:08:90:28:a7:e2:03:b9:c8:dd:96:
                    16:f7:d3:55:62:f6:73:08:c9:3a:92:5e:3b:40:94:
                    23:98:f8:34:ed:63:a3:bb:b0:a5:a0:a1:3e:44:a9:
                    c2:15:45:f0:73:eb:a8:1d:04:d1:11:56:bb:9f:cc:
                    2b:bf:39:bd:3c:8c:bb:d3:ec:70:bf:c1:c9:cb:b0:
                    93:0b:5b:55:6f:48:65:20:1c:8d:f1:b3:00:c1:01:
                    87:ca:d0:f2:d1:c9:03:da:b4:ac:b7:79:7a:03:20:
                    df:c2:3e:18:25:0a:c2:c1:8a:13:d5:f5:c3:68:5c:
                    a4:d8:ad:b5:aa:23:e0:7e:98:2f:1c:e6:36:7d:fa:
                    e0:2f:12:ad:d8:3a:fa:82:87:c6:80:a1:c0:6c:55:
                    35:36:37:06:a1:0c:7c:59:7c:50:8f:ab:ad:4a:8c:
                    1b:bd:44:37:bf:0a:b4:fc:50:12:4a:f1:60:6e:e6:
                    d7:15:aa:93:03:c2:e2:55:7e:42:bb:13:94:4b:c2:
                    c8:a7:fb:29:8f:6d:a7:c2:70:ff:58:2e:d9:07:25:
                    5c:71:a3:42:54:b0:c2:62:d8:66:55:3d:5f:ee:fe:
                    4e:ae:8b:7b:55:07:47:c6:ff:2b:ac:45:87:b1:35:
                    3d:c5:0e:5b:a9:3d:7d:92:8b:33:63:85:5c:f8:1d:
                    dd:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:7D:DC:67:9A:5D:C9:E7:57:0F:F8:76:68:E9:16:2F:7E:22:61:55
            X509v3 Authority Key Identifier:
                keyid:90:07:9B:3E:8D:F0:99:70:C1:41:44:82:BE:5B:22:68:72:94:75:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kAebPo3wmXDBQUSCvlsiaHKUdf8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/26855d-1990-4d80-9c82-1563f93a540d/1/8X3cZ5pdyedXD_h2aOkWL34iYVU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/26855d-1990-4d80-9c82-1563f93a540d/1/kAebPo3wmXDBQUSCvlsiaHKUdf8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.88.220.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5f:7b:1e:4d:88:4e:75:d6:bb:ae:dd:52:f6:c4:7c:b4:48:15:
         54:23:be:7c:49:a1:83:d7:6d:af:4a:c7:1d:59:a7:d7:48:55:
         54:d4:43:5b:b1:b9:8c:8d:13:0b:4d:c0:66:79:cb:38:e0:4f:
         40:75:7c:33:ac:e7:b3:ff:17:c0:c1:11:79:62:16:70:83:23:
         e9:72:18:75:a5:d7:a1:e6:d3:6a:9d:6b:fc:2e:37:63:f0:81:
         40:64:c7:15:ea:f9:df:e6:2c:63:29:88:37:13:d8:54:72:0e:
         ba:44:0a:42:55:7d:6b:6e:06:4f:cc:07:11:a8:34:c2:5f:a0:
         d1:73:a3:04:68:48:f5:c7:0d:f1:98:6e:06:72:6b:c2:47:20:
         56:d3:df:c3:cb:a6:a2:64:5d:41:1e:52:66:55:f4:89:56:c4:
         ee:5e:d2:79:23:33:57:c3:c9:bc:90:54:e0:b6:29:ae:04:51:
         c5:e6:4f:a3:8c:a9:a9:50:af:51:a6:d4:d1:4f:5f:70:e1:32:
         d7:c9:c2:93:42:0a:d2:e1:b3:e4:a4:24:ac:f7:10:8f:d0:d1:
         9c:60:f4:62:95:3d:b4:bc:1d:45:b7:a3:2b:c2:df:88:2d:d6:
         b7:fe:c3:3b:83:95:5b:c2:73:18:6f:35:7d:da:4b:57:d3:64:
         c5:07:5e:af
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDATTzMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDkw
MDc5YjNlOGRmMDk5NzBjMTQxNDQ4MmJlNWIyMjY4NzI5NDc1ZmYwHhcNMjIwMTAy
MTgyNDU4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhmMTdkZGM2NzlhNWRj
OWU3NTcwZmY4NzY2OGU5MTYyZjdlMjI2MTU1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAlhYERgiQKKfiA7nI3ZYW99NVYvZzCMk6kl47QJQjmPg07WOj
u7CloKE+RKnCFUXwc+uoHQTREVa7n8wrvzm9PIy70+xwv8HJy7CTC1tVb0hlIByN
8bMAwQGHytDy0ckD2rSst3l6AyDfwj4YJQrCwYoT1fXDaFyk2K21qiPgfpgvHOY2
ffrgLxKt2Dr6gofGgKHAbFU1NjcGoQx8WXxQj6utSowbvUQ3vwq0/FASSvFgbubX
FaqTA8LiVX5CuxOUS8LIp/spj22nwnD/WC7ZByVccaNCVLDCYthmVT1f7v5Orot7
VQdHxv8rrEWHsTU9xQ5bqT19koszY4Vc+B3dMQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFPF93GeaXcnnVw/4dmjpFi9+ImFVMB8GA1UdIwQYMBaAFJAHmz6N8JlwwUFE
gr5bImhylHX/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
a0FlYlBvM3dtWERCUVVTQ3Zsc2lhSEtVZGY4LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC85ZS8yNjg1NWQtMTk5MC00ZDgwLTljODItMTU2M2Y5M2E1NDBkLzEv
OFgzY1o1cGR5ZWRYRF9oMmFPa1dMMzRpWVZVLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS8y
Njg1NWQtMTk5MC00ZDgwLTljODItMTU2M2Y5M2E1NDBkLzEva0FlYlBvM3dtWERC
UVVTQ3Zsc2lhSEtVZGY4LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw1jcMA0GCSqGSIb3DQEBCwUAA4IB
AQBfex5NiE511ruu3VL2xHy0SBVUI758SaGD122vSscdWafXSFVU1ENbsbmMjRML
TcBmecs44E9AdXwzrOez/xfAwRF5YhZwgyPpchh1pdeh5tNqnWv8Ljdj8IFAZMcV
6vnf5ixjKYg3E9hUcg66RApCVX1rbgZPzAcRqDTCX6DRc6MEaEj1xw3xmG4GcmvC
RyBW09/Dy6aiZF1BHlJmVfSJVsTuXtJ5IzNXw8m8kFTgtimuBFHF5k+jjKmpUK9R
ptTRT19w4TLXycKTQgrS4bPkpCSs9xCP0NGcYPRilT20vB1Ft6Mrwt+ILda3/sM7
g5VbwnMYbzV92ktX02TFB16v
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:01 2024 by rpki-client on console-fra.rpki-client.org